From 56811d56433aa11945b99eba1ae65d5b3e525ba6 Mon Sep 17 00:00:00 2001 From: "https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc" Date: Fri, 10 Apr 2015 20:32:40 +0000 Subject: Added a comment: intrusion detection? --- .../comment_6_bedb701e0175b2d3833041f2f496d3aa._comment | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment (limited to 'doc') diff --git a/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment new file mode 100644 index 0000000..f5d9831 --- /dev/null +++ b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc" + nickname="Evan" + subject="intrusion detection?" + date="2015-04-10T20:32:40Z" + content=""" +It seems to me that this would be particularly useful for narrowly scoped intrusion detection. + +For example, if I have an installed instance of a popular web app (Wordpress, Django, what have you) that is compromised (SQL injection, brute force, etcetera), every part of that app may become suspect even after the initial vulnerability is patched...in which case, a versioned log of what files were changed within the app directory(s) would be *extremely* useful. +"""]] -- cgit v1.2.3